package com.wxw.tools;

import com.cdz.demo0216yiguo.realm.UserRealm;
import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.cache.ehcache.EhCacheManager;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.DependsOn;
 
import java.util.LinkedHashMap;
import java.util.Map;
 
/**
 * shiro的配置类
 * @Configuration 用于定义配置类，该类的各个方法返回各种对象实现系统的配置
 */
 
@Configuration
public class ShiroConfig {
 
    /**
     * 缓存配置
     */
    @Bean(name = "ehCacheManager")
    @DependsOn("lifecycleBeanPostProcessor")
    public EhCacheManager ehCacheManager(){
        EhCacheManager ehCacheManager = new EhCacheManager();
        return ehCacheManager;
    }
 
    /**
     * 返回自定义会话管理器
     * @return
     */
    @Bean
    public SessionManager sessionManager(){
        return new ShiroSessionManager();
    }
 
    //加入spring的容器，自动配置
    @Bean
    public HashedCredentialsMatcher hashedCredentialsMatcher(){
        //密码匹配器
        HashedCredentialsMatcher matcher = new HashedCredentialsMatcher();
        matcher.setHashAlgorithmName("md5");//设置加密算法，加密次数
        matcher.setHashIterations(2);       //设置加密的次数
        matcher.setStoredCredentialsHexEncoded(true);//设置密文16进制，false是base64编码
        return  matcher;
    }
 
    //返回自定义Realm
    @Bean
    public ShiroRealm userRealm(){
    	ShiroRealm userRealm = new ShiroRealm();
        userRealm.setCredentialsMatcher(hashedCredentialsMatcher());//设置密码配置器
        userRealm.setCachingEnabled(false);//取消缓存
        return userRealm;
    }
 
    //返回安全管理器
    @Bean
    public SecurityManager securityManager(){
//        //创建web项目的安全管理器
//        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
//        securityManager.setRealm(userRealm());
//        return securityManager;
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();
        securityManager.setRealm(userRealm()); //Realm配置
        securityManager.setCacheManager(ehCacheManager());
        //配置自定义会话管理器
        securityManager.setSessionManager(sessionManager());
        return securityManager;
    }
 
 
 
 
    //返回过滤器对象
    @Bean(name = "shiroFilter")
    public ShiroFilterFactoryBean shiroFilterFactoryBean(SecurityManager securityManager){
        ShiroFilterFactoryBean factoryBean = new ShiroFilterFactoryBean();
        factoryBean.setSecurityManager(securityManager);//配置安全管理器
        factoryBean.setLoginUrl("login.html");//配置登录URL，登录失败进行自动跳转
        //配置授权失败Url
        factoryBean.setUnauthorizedUrl("404.html");
        //配置拦截规则，不拦截在前面，拦截在后面
        //anon不拦截，authc拦截
        Map<String,String> map=new LinkedHashMap<>();
        map.put("/login.html","anon");
        map.put("/register.html" ,"anon");
        map.put("/index.html" ,"anon");
        map.put("/goods.html" ,"anon");
        map.put("/goodsDetails.html" ,"anon");
        map.put("/404.html","anon");
        map.put("/static/**","anon");
        map.put("/user/login/**","anon");
        map.put("/register/login","anon");
        map.put("/type/**" ,"anon");
        map.put("/product/**" ,"anon");
        map.put("/**","authc");//表示所有拦截资源
 
 
        factoryBean.setFilterChainDefinitionMap(map);
        return factoryBean;
    }
 
    //下面的配置用于启动@RequiresRoles 和@ReqriresPermissions 注解
    //基于springaop的实现
    //配置后置处理器
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor(){
        return new LifecycleBeanPostProcessor();
    }
 
    @Bean
    @DependsOn({"lifecycleBeanPostProcessor"})
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator(){
        DefaultAdvisorAutoProxyCreator creator = new DefaultAdvisorAutoProxyCreator();
        creator.setProxyTargetClass(true);
        return creator;
    }
 
    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(){
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager());
        return advisor;
 
    }
 
}
